[radvd/f15] fixes CVE-2011-3602
Jiri Skala
jskala at fedoraproject.org
Mon Oct 10 13:01:21 UTC 2011
commit 7c2fc00ca8b57faf71d61f4b67aea987f26b3ff6
Author: Jiri Skala <jskala at redhat.com>
Date: Mon Oct 10 15:01:13 2011 +0200
fixes CVE-2011-3602
radvd-1.8.2-iface.patch | 12 ++++++++++++
radvd.spec | 9 ++++++++-
2 files changed, 20 insertions(+), 1 deletions(-)
---
diff --git a/radvd-1.8.2-iface.patch b/radvd-1.8.2-iface.patch
new file mode 100644
index 0000000..c1ed9d3
--- /dev/null
+++ b/radvd-1.8.2-iface.patch
@@ -0,0 +1,12 @@
+diff -up radvd-1.8.2/device-linux.c.iface radvd-1.8.2/device-linux.c
+--- radvd-1.8.2/device-linux.c.iface 2011-10-10 10:26:47.089760082 +0200
++++ radvd-1.8.2/device-linux.c 2011-10-10 10:27:12.149014098 +0200
+@@ -244,7 +244,7 @@ set_interface_var(const char *iface,
+ return -1;
+
+ /* No path traversal */
+- if (strstr(name, "..") || strchr(name, '/'))
++ if (!iface[0] || !strcmp(iface, ".") || !strcmp(iface, "..") || strchr(iface, '/'))
+ return -1;
+
+ if (access(spath, F_OK) != 0)
diff --git a/radvd.spec b/radvd.spec
index de7be4a..f99d51c 100644
--- a/radvd.spec
+++ b/radvd.spec
@@ -4,7 +4,7 @@
Summary: A Router Advertisement daemon
Name: radvd
Version: 1.8.2
-Release: 1%{?dist}
+Release: 2%{?dist}
# The code includes the advertising clause, so it's GPL-incompatible
License: BSD with advertising
Group: System Environment/Daemons
@@ -20,6 +20,8 @@ Requires(pre): /usr/sbin/useradd
BuildRequires: flex, flex-static, byacc
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Patch1: radvd-1.8.2-iface.patch
+
%description
radvd is the router advertisement daemon for IPv6. It listens to router
solicitations and sends router advertisements as described in "Neighbor
@@ -34,6 +36,8 @@ services.
%prep
%setup -q
+%patch1 -b -p1 .iface
+
%build
export CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE -fPIE"
export LDFLAGS='-pie -Wl,-z,relro,-z,now,-z,noexecstack,-z,nodlopen'
@@ -109,6 +113,9 @@ exit 0
%{_sbindir}/radvdump
%changelog
+* Mon Oct 10 2011 Jiri Skala <jskala at redhat.com> - 1.8.2-2
+- fixes CVE-2011-3602
+
* Fri Oct 07 2011 Jiri Skala <jskala at redhat.com> - 1.8.2-1
- update to latest upstream version 1.8.2
- this update fixes CVE-2011-360{1..5}
More information about the scm-commits
mailing list